Over The Air – Vol. 2, Pt. 3: Exploiting The Wi-Fi Stack on Apple Devices
This is the most amazing hack.
Upon successful execution, the exploit exposes APIs to read and write the host’s physical memory directly over-the-air, by mapping in any requested address to the controlled DART L2 translation table, and issuing DMA accesses to the corresponding mapped IO-Space addresses.
(tags: hacks exploits security ios wifi apple iphone kernel)